github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

set up data API for 1.2 format (currently the same as 1.1 format)

pull/730/head
Justin Richer 2014-11-15 19:59:47 -10:00
parent 69c19d35fa
commit 0e776762c2
8 changed files with 3071 additions and 1236 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
openid-connect-common/src/main/java/org/mitre/openid/connect/service/MITREidDataService.java
View File

@ -28,10 +28,11 @@ import com.google.gson.stream.JsonWriter;
public interface MITREidDataService {
/**
* Data member for 1.0 configuration
* Data member for 1.X configurations
*/
public static final String MITREID_CONNECT_1_0 = "mitreid-connect-1.0";
public static final String MITREID_CONNECT_1_1 = "mitreid-connect-1.1";
public static final String MITREID_CONNECT_1_2 = "mitreid-connect-1.2";
// member names
public static final String REFRESHTOKENS = "refreshTokens";

4
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_0.java
View File

@ -63,7 +63,7 @@ import org.springframework.security.oauth2.provider.OAuth2Request;
import org.springframework.stereotype.Service;
/**
*
* Data service to import and export MITREid 1.0 configuration.
* Data service to import MITREid 1.0 configuration.
*
* @author jricher
* @author arielak
@ -92,7 +92,7 @@ public class MITREidDataService_1_0 extends MITREidDataService_1_X {
@Override
public void exportData(JsonWriter writer) throws IOException {
throw new UnsupportedOperationException("Not supported.");
throw new UnsupportedOperationException("Can not export 1.0 format from this version.");
}
/* (non-Javadoc)

340
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_1.java
View File

@ -68,7 +68,7 @@ import com.google.gson.stream.JsonWriter;
/**
*
* Data service to import and export MITREid 1.0 configuration.
* Data service to import MITREid 1.1 configuration.
*
* @author jricher
* @author arielak
@ -98,343 +98,7 @@ public class MITREidDataService_1_1 extends MITREidDataService_1_X {
*/
@Override
public void exportData(JsonWriter writer) throws IOException {
// version tag at the root
writer.name(MITREID_CONNECT_1_1);
writer.beginObject();
// clients list
writer.name(CLIENTS);
writer.beginArray();
writeClients(writer);
writer.endArray();
writer.name(GRANTS);
writer.beginArray();
writeGrants(writer);
writer.endArray();
writer.name(WHITELISTEDSITES);
writer.beginArray();
writeWhitelistedSites(writer);
writer.endArray();
writer.name(BLACKLISTEDSITES);
writer.beginArray();
writeBlacklistedSites(writer);
writer.endArray();
writer.name(AUTHENTICATIONHOLDERS);
writer.beginArray();
writeAuthenticationHolders(writer);
writer.endArray();
writer.name(ACCESSTOKENS);
writer.beginArray();
writeAccessTokens(writer);
writer.endArray();
writer.name(REFRESHTOKENS);
writer.beginArray();
writeRefreshTokens(writer);
writer.endArray();
writer.name(SYSTEMSCOPES);
writer.beginArray();
writeSystemScopes(writer);
writer.endArray();
writer.endObject(); // end mitreid-connect-1.1
}
/**
* @param writer
*/
private void writeRefreshTokens(JsonWriter writer) throws IOException {
for (OAuth2RefreshTokenEntity token : tokenRepository.getAllRefreshTokens()) {
writer.beginObject();
writer.name("id").value(token.getId());
writer.name("expiration").value(DateUtil.toUTCString(token.getExpiration()));
writer.name("clientId")
.value((token.getClient() != null) ? token.getClient().getClientId() : null);
writer.name("authenticationHolderId")
.value((token.getAuthenticationHolder() != null) ? token.getAuthenticationHolder().getId() : null);
writer.name("value").value(token.getValue());
writer.endObject();
logger.debug("Wrote refresh token {}", token.getId());
}
logger.info("Done writing refresh tokens");
}
/**
* @param writer
*/
private void writeAccessTokens(JsonWriter writer) throws IOException {
for (OAuth2AccessTokenEntity token : tokenRepository.getAllAccessTokens()) {
writer.beginObject();
writer.name("id").value(token.getId());
writer.name("expiration").value(DateUtil.toUTCString(token.getExpiration()));
writer.name("clientId")
.value((token.getClient() != null) ? token.getClient().getClientId() : null);
writer.name("authenticationHolderId")
.value((token.getAuthenticationHolder() != null) ? token.getAuthenticationHolder().getId() : null);
writer.name("refreshTokenId")
.value((token.getRefreshToken() != null) ? token.getRefreshToken().getId() : null);
writer.name("idTokenId")
.value((token.getIdToken() != null) ? token.getIdToken().getId() : null);
writer.name("scope");
writer.beginArray();
for (String s : token.getScope()) {
writer.value(s);
}
writer.endArray();
writer.name("type").value(token.getTokenType());
writer.name("value").value(token.getValue());
writer.endObject();
logger.debug("Wrote access token {}", token.getId());
}
logger.info("Done writing access tokens");
}
/**
* @param writer
*/
private void writeAuthenticationHolders(JsonWriter writer) throws IOException {
for (AuthenticationHolderEntity holder : authHolderRepository.getAll()) {
writer.beginObject();
writer.name("id").value(holder.getId());
writer.name("ownerId").value(holder.getOwnerId());
writer.name("authentication");
writer.beginObject();
OAuth2Authentication oa2Auth = holder.getAuthentication();
writer.name("clientAuthorization");
writeAuthorizationRequest(oa2Auth.getOAuth2Request(), writer);
String userAuthentication = base64UrlEncodeObject(oa2Auth.getUserAuthentication());
writer.name("userAuthentication").value(userAuthentication);
writer.endObject();
writer.endObject();
logger.debug("Wrote authentication holder {}", holder.getId());
}
logger.info("Done writing authentication holders");
}
//used by writeAuthenticationHolders
private void writeAuthorizationRequest(OAuth2Request authReq, JsonWriter writer) throws IOException {
writer.beginObject();
writer.name("requestParameters");
writer.beginObject();
for (Entry<String, String> entry : authReq.getRequestParameters().entrySet()) {
writer.name(entry.getKey()).value(entry.getValue());
}
writer.endObject();
writer.name("clientId").value(authReq.getClientId());
Set<String> scope = authReq.getScope();
writer.name("scope");
writer.beginArray();
for (String s : scope) {
writer.value(s);
}
writer.endArray();
writer.name("resourceIds");
writer.beginArray();
if (authReq.getResourceIds() != null) {
for (String s : authReq.getResourceIds()) {
writer.value(s);
}
}
writer.endArray();
writer.name("authorities");
writer.beginArray();
for (GrantedAuthority authority : authReq.getAuthorities()) {
writer.value(authority.getAuthority());
}
writer.endArray();
writer.name("approved").value(authReq.isApproved());
writer.name("redirectUri").value(authReq.getRedirectUri());
writer.name("responseTypes");
writer.beginArray();
for (String s : authReq.getResponseTypes()) {
writer.value(s);
}
writer.endArray();
writer.name("extensions");
writer.beginObject();
for (Entry<String, Serializable> entry : authReq.getExtensions().entrySet()) {
writer.name(entry.getKey()).value(base64UrlEncodeObject(entry.getValue()));
}
writer.endObject();
writer.endObject();
}
/**
* @param writer
*/
private void writeGrants(JsonWriter writer) throws IOException {
for (ApprovedSite site : approvedSiteRepository.getAll()) {
writer.beginObject();
writer.name("id").value(site.getId());
writer.name("accessDate").value(DateUtil.toUTCString(site.getAccessDate()));
writer.name("clientId").value(site.getClientId());
writer.name("creationDate").value(DateUtil.toUTCString(site.getCreationDate()));
writer.name("timeoutDate").value(DateUtil.toUTCString(site.getTimeoutDate()));
writer.name("userId").value(site.getUserId());
writer.name("allowedScopes");
writeNullSafeArray(writer, site.getAllowedScopes());
writer.name("whitelistedSiteId").value(site.getIsWhitelisted() ? site.getWhitelistedSite().getId() : null);
Set<OAuth2AccessTokenEntity> tokens = site.getApprovedAccessTokens();
writer.name("approvedAccessTokens");
writer.beginArray();
for (OAuth2AccessTokenEntity token : tokens) {
writer.value(token.getId());
}
writer.endArray();
writer.endObject();
logger.debug("Wrote grant {}", site.getId());
}
logger.info("Done writing grants");
}
/**
* @param writer
*/
private void writeWhitelistedSites(JsonWriter writer) throws IOException {
for (WhitelistedSite wlSite : wlSiteRepository.getAll()) {
writer.beginObject();
writer.name("id").value(wlSite.getId());
writer.name("clientId").value(wlSite.getClientId());
writer.name("creatorUserId").value(wlSite.getCreatorUserId());
writer.name("allowedScopes");
writeNullSafeArray(writer, wlSite.getAllowedScopes());
writer.endObject();
logger.debug("Wrote whitelisted site {}", wlSite.getId());
}
logger.info("Done writing whitelisted sites");
}
/**
* @param writer
*/
private void writeBlacklistedSites(JsonWriter writer) throws IOException {
for (BlacklistedSite blSite : blSiteRepository.getAll()) {
writer.beginObject();
writer.name("id").value(blSite.getId());
writer.name("uri").value(blSite.getUri());
writer.endObject();
logger.debug("Wrote blacklisted site {}", blSite.getId());
}
logger.info("Done writing blacklisted sites");
}
/**
* @param writer
*/
private void writeClients(JsonWriter writer) {
for (ClientDetailsEntity client : clientRepository.getAllClients()) {
try {
writer.beginObject();
writer.name("clientId").value(client.getClientId());
writer.name("resourceIds");
writeNullSafeArray(writer, client.getResourceIds());
writer.name("secret").value(client.getClientSecret());
writer.name("scope");
writeNullSafeArray(writer, client.getScope());
writer.name("authorities");
writer.beginArray();
for (GrantedAuthority authority : client.getAuthorities()) {
writer.value(authority.getAuthority());
}
writer.endArray();
writer.name("accessTokenValiditySeconds").value(client.getAccessTokenValiditySeconds());
writer.name("refreshTokenValiditySeconds").value(client.getRefreshTokenValiditySeconds());
writer.name("redirectUris");
writeNullSafeArray(writer, client.getRedirectUris());
writer.name("name").value(client.getClientName());
writer.name("uri").value(client.getClientUri());
writer.name("logoUri").value(client.getLogoUri());
writer.name("contacts");
writeNullSafeArray(writer, client.getContacts());
writer.name("tosUri").value(client.getTosUri());
writer.name("tokenEndpointAuthMethod")
.value((client.getTokenEndpointAuthMethod() != null) ? client.getTokenEndpointAuthMethod().getValue() : null);
writer.name("grantTypes");
writer.beginArray();
for (String s : client.getGrantTypes()) {
writer.value(s);
}
writer.endArray();
writer.name("responseTypes");
writer.beginArray();
for (String s : client.getResponseTypes()) {
writer.value(s);
}
writer.endArray();
writer.name("policyUri").value(client.getPolicyUri());
writer.name("jwksUri").value(client.getJwksUri());
writer.name("applicationType")
.value((client.getApplicationType() != null) ? client.getApplicationType().getValue() : null);
writer.name("sectorIdentifierUri").value(client.getSectorIdentifierUri());
writer.name("subjectType")
.value((client.getSubjectType() != null) ? client.getSubjectType().getValue() : null);
writer.name("requestObjectSigningAlg")
.value((client.getRequestObjectSigningAlgEmbed() != null) ? client.getRequestObjectSigningAlgEmbed().getAlgorithmName() : null);
writer.name("userInfoEncryptedResponseAlg")
.value((client.getUserInfoEncryptedResponseAlgEmbed() != null) ? client.getUserInfoEncryptedResponseAlgEmbed().getAlgorithmName() : null);
writer.name("userInfoEncryptedResponseEnc")
.value((client.getUserInfoEncryptedResponseEncEmbed() != null) ? client.getUserInfoEncryptedResponseEncEmbed().getAlgorithmName() : null);
writer.name("userInfoSignedResponseAlg")
.value((client.getUserInfoSignedResponseAlgEmbed() != null) ? client.getUserInfoSignedResponseAlgEmbed().getAlgorithmName() : null);
writer.name("defaultMaxAge").value(client.getDefaultMaxAge());
Boolean requireAuthTime = null;
try {
requireAuthTime = client.getRequireAuthTime();
} catch (NullPointerException e) {
}
if (requireAuthTime != null) {
writer.name("requireAuthTime").value(requireAuthTime);
}
writer.name("defaultACRValues");
writeNullSafeArray(writer, client.getDefaultACRvalues());
writer.name("intitateLoginUri").value(client.getInitiateLoginUri());
writer.name("postLogoutRedirectUri").value(client.getPostLogoutRedirectUri());
writer.name("requestUris");
writeNullSafeArray(writer, client.getRequestUris());
writer.name("description").value(client.getClientDescription());
writer.name("allowIntrospection").value(client.isAllowIntrospection());
writer.name("reuseRefreshToken").value(client.isReuseRefreshToken());
writer.name("dynamicallyRegistered").value(client.isDynamicallyRegistered());
writer.endObject();
logger.debug("Wrote client {}", client.getId());
} catch (IOException ex) {
logger.error("Unable to write client {}", client.getId(), ex);
}
}
logger.info("Done writing clients");
}
/**
* @param writer
*/
private void writeSystemScopes(JsonWriter writer) {
for (SystemScope sysScope : sysScopeRepository.getAll()) {
try {
writer.beginObject();
writer.name("id").value(sysScope.getId());
writer.name("description").value(sysScope.getDescription());
writer.name("icon").value(sysScope.getIcon());
writer.name("value").value(sysScope.getValue());
writer.name("allowDynReg").value(sysScope.isAllowDynReg());
writer.name("defaultScope").value(sysScope.isDefaultScope());
writer.endObject();
logger.debug("Wrote system scope {}", sysScope.getId());
} catch (IOException ex) {
logger.error("Unable to write system scope {}", sysScope.getId(), ex);
}
}
logger.info("Done writing system scopes");
throw new UnsupportedOperationException("Can not export 1.1 format from this version.");
}
/* (non-Javadoc)

1189
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_2.java Normal file
View File

File diff suppressed because it is too large Load Diff

7
openid-connect-server/src/main/java/org/mitre/openid/connect/web/DataAPI.java
View File

@ -66,6 +66,9 @@ public class DataAPI {
@Autowired
private MITREidDataService_1_1 dataService_1_1;
@Autowired
private MITREidDataService_1_1 dataService_1_2;
@RequestMapping(method = RequestMethod.POST, consumes = "application/json")
public String importData(Reader in, Model m) throws IOException {
@ -82,6 +85,8 @@ public class DataAPI {
dataService_1_0.importData(reader);
} else if (name.equals(MITREidDataService.MITREID_CONNECT_1_1)) {
dataService_1_1.importData(reader);
} else if (name.equals(MITREidDataService.MITREID_CONNECT_1_2)) {
dataService_1_2.importData(reader);
} else {
// consume the next bit silently for now
logger.debug("Skipping value for " + name); // TODO: write these out?
@ -122,7 +127,7 @@ public class DataAPI {
writer.value(prin.getName());
// delegate to the service to do the actual export
dataService_1_1.exportData(writer);
dataService_1_2.exportData(writer);
writer.endObject(); // end root
writer.close();

35
openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestMITREidDataService_1_0.java
View File

@ -1,9 +1,21 @@
package org.mitre.openid.connect.service.impl;
import com.google.common.collect.ImmutableSet;
import com.google.gson.stream.JsonReader;
import static org.hamcrest.CoreMatchers.equalTo;
import static org.hamcrest.CoreMatchers.is;
import static org.junit.Assert.assertThat;
import static org.mockito.Matchers.anyLong;
import static org.mockito.Matchers.anyString;
import static org.mockito.Matchers.isA;
import static org.mockito.Matchers.isNull;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.times;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;
import static org.mockito.Mockito.withSettings;
import java.io.IOException;
import java.io.StringReader;
import java.io.StringWriter;
import java.text.ParseException;
import java.util.ArrayList;
import java.util.Collections;
@ -13,8 +25,7 @@ import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import static org.hamcrest.CoreMatchers.*;
import static org.junit.Assert.assertThat;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
@ -38,13 +49,8 @@ import org.mitre.openid.connect.util.DateUtil;
import org.mockito.ArgumentCaptor;
import org.mockito.Captor;
import org.mockito.InjectMocks;
import static org.mockito.Matchers.anyLong;
import static org.mockito.Matchers.anyString;
import static org.mockito.Matchers.isA;
import static org.mockito.Matchers.isNull;
import org.mockito.Mock;
import org.mockito.Mockito;
import static org.mockito.Mockito.*;
import org.mockito.invocation.InvocationOnMock;
import org.mockito.runners.MockitoJUnitRunner;
import org.mockito.stubbing.Answer;
@ -53,6 +59,10 @@ import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.OAuth2Request;
import com.google.common.collect.ImmutableSet;
import com.google.gson.stream.JsonReader;
import com.google.gson.stream.JsonWriter;
@RunWith(MockitoJUnitRunner.class)
public class TestMITREidDataService_1_0 {
@ -932,4 +942,11 @@ public class TestMITREidDataService_1_0 {
assertThat(savedRefreshTokens.get(0).getAuthenticationHolder().getId(), equalTo(356L));
assertThat(savedRefreshTokens.get(1).getAuthenticationHolder().getId(), equalTo(357L));
}
@Test(expected = UnsupportedOperationException.class)
public void testExportDisabled() throws IOException {
JsonWriter writer = new JsonWriter(new StringWriter());
dataService.exportData(writer);
}
}

891
openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestMITREidDataService_1_1.java
View File

@ -104,120 +104,6 @@ public class TestMITREidDataService_1_1 {
Mockito.reset(clientRepository, approvedSiteRepository, authHolderRepository, tokenRepository, sysScopeRepository, wlSiteRepository, blSiteRepository);
}
@Test
public void testExportRefreshTokens() throws IOException, ParseException {
String expiration1 = "2014-09-10T22:49:44.090+0000";
Date expirationDate1 = DateUtil.utcToDate(expiration1);
ClientDetailsEntity mockedClient1 = mock(ClientDetailsEntity.class);
when(mockedClient1.getClientId()).thenReturn("mocked_client_1");
AuthenticationHolderEntity mockedAuthHolder1 = mock(AuthenticationHolderEntity.class);
when(mockedAuthHolder1.getId()).thenReturn(1L);
OAuth2RefreshTokenEntity token1 = new OAuth2RefreshTokenEntity();
token1.setId(1L);
token1.setClient(mockedClient1);
token1.setExpiration(expirationDate1);
token1.setValue("eyJhbGciOiJub25lIn0.eyJqdGkiOiJmOTg4OWQyOS0xMTk1LTQ4ODEtODgwZC1lZjVlYzAwY2Y4NDIifQ.");
token1.setAuthenticationHolder(mockedAuthHolder1);
String expiration2 = "2015-01-07T18:31:50.079+0000";
Date expirationDate2 = DateUtil.utcToDate(expiration2);
ClientDetailsEntity mockedClient2 = mock(ClientDetailsEntity.class);
when(mockedClient2.getClientId()).thenReturn("mocked_client_2");
AuthenticationHolderEntity mockedAuthHolder2 = mock(AuthenticationHolderEntity.class);
when(mockedAuthHolder2.getId()).thenReturn(2L);
OAuth2RefreshTokenEntity token2 = new OAuth2RefreshTokenEntity();
token2.setId(2L);
token2.setClient(mockedClient2);
token2.setExpiration(expirationDate2);
token2.setValue("eyJhbGciOiJub25lIn0.eyJqdGkiOiJlYmEyYjc3My0xNjAzLTRmNDAtOWQ3MS1hMGIxZDg1OWE2MDAifQ.");
token2.setAuthenticationHolder(mockedAuthHolder2);
Set<OAuth2RefreshTokenEntity> allRefreshTokens = ImmutableSet.of(token1, token2);
Mockito.when(clientRepository.getAllClients()).thenReturn(new HashSet<ClientDetailsEntity>());
Mockito.when(approvedSiteRepository.getAll()).thenReturn(new HashSet<ApprovedSite>());
Mockito.when(wlSiteRepository.getAll()).thenReturn(new HashSet<WhitelistedSite>());
Mockito.when(blSiteRepository.getAll()).thenReturn(new HashSet<BlacklistedSite>());
Mockito.when(authHolderRepository.getAll()).thenReturn(new ArrayList<AuthenticationHolderEntity>());
Mockito.when(tokenRepository.getAllAccessTokens()).thenReturn(new HashSet<OAuth2AccessTokenEntity>());
Mockito.when(tokenRepository.getAllRefreshTokens()).thenReturn(allRefreshTokens);
Mockito.when(sysScopeRepository.getAll()).thenReturn(new HashSet<SystemScope>());
// do the data export
StringWriter stringWriter = new StringWriter();
JsonWriter writer = new JsonWriter(stringWriter);
writer.beginObject();
dataService.exportData(writer);
writer.endObject();
writer.close();
// parse the output as a JSON object for testing
JsonElement elem = new JsonParser().parse(stringWriter.toString());
JsonObject root = elem.getAsJsonObject();
// make sure the root is there
assertThat(root.has(MITREidDataService.MITREID_CONNECT_1_1), is(true));
JsonObject config = root.get(MITREidDataService.MITREID_CONNECT_1_1).getAsJsonObject();
// make sure all the root elements are there
assertThat(config.has(MITREidDataService.CLIENTS), is(true));
assertThat(config.has(MITREidDataService.GRANTS), is(true));
assertThat(config.has(MITREidDataService.WHITELISTEDSITES), is(true));
assertThat(config.has(MITREidDataService.BLACKLISTEDSITES), is(true));
assertThat(config.has(MITREidDataService.REFRESHTOKENS), is(true));
assertThat(config.has(MITREidDataService.ACCESSTOKENS), is(true));
assertThat(config.has(MITREidDataService.SYSTEMSCOPES), is(true));
assertThat(config.has(MITREidDataService.AUTHENTICATIONHOLDERS), is(true));
// make sure the root elements are all arrays
assertThat(config.get(MITREidDataService.CLIENTS).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.GRANTS).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.WHITELISTEDSITES).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.BLACKLISTEDSITES).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.REFRESHTOKENS).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.ACCESSTOKENS).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.SYSTEMSCOPES).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.AUTHENTICATIONHOLDERS).isJsonArray(), is(true));
// check our refresh token list (this test)
JsonArray refreshTokens = config.get(MITREidDataService.REFRESHTOKENS).getAsJsonArray();
assertThat(refreshTokens.size(), is(2));
// check for both of our refresh tokens in turn
Set<OAuth2RefreshTokenEntity> checked = new HashSet<OAuth2RefreshTokenEntity>();
for (JsonElement e : refreshTokens) {
assertThat(e.isJsonObject(), is(true));
JsonObject token = e.getAsJsonObject();
OAuth2RefreshTokenEntity compare = null;
if (token.get("id").getAsLong() == token1.getId()) {
compare = token1;
} else if (token.get("id").getAsLong() == token2.getId()) {
compare = token2;
}
if (compare == null) {
fail("Could not find matching id: " + token.get("id").getAsString());
} else {
assertThat(token.get("id").getAsLong(), equalTo(compare.getId()));
assertThat(token.get("clientId").getAsString(), equalTo(compare.getClient().getClientId()));
assertThat(token.get("expiration").getAsString(), equalTo(DateUtil.toUTCString(compare.getExpiration())));
assertThat(token.get("value").getAsString(), equalTo(compare.getValue()));
assertThat(token.get("authenticationHolderId").getAsLong(), equalTo(compare.getAuthenticationHolder().getId()));
checked.add(compare);
}
}
// make sure all of our refresh tokens were found
assertThat(checked.containsAll(allRefreshTokens), is(true));
}
private class refreshTokenIdComparator implements Comparator<OAuth2RefreshTokenEntity> {
@Override
@ -338,144 +224,7 @@ public class TestMITREidDataService_1_1 {
assertThat(savedRefreshTokens.get(1).getExpiration(), equalTo(token2.getExpiration()));
assertThat(savedRefreshTokens.get(1).getValue(), equalTo(token2.getValue()));
}
@Test
public void testExportAccessTokens() throws IOException, ParseException {
String expiration1 = "2014-09-10T22:49:44.090+0000";
Date expirationDate1 = DateUtil.utcToDate(expiration1);
ClientDetailsEntity mockedClient1 = mock(ClientDetailsEntity.class);
when(mockedClient1.getClientId()).thenReturn("mocked_client_1");
AuthenticationHolderEntity mockedAuthHolder1 = mock(AuthenticationHolderEntity.class);
when(mockedAuthHolder1.getId()).thenReturn(1L);
OAuth2AccessTokenEntity token1 = new OAuth2AccessTokenEntity();
token1.setId(1L);
token1.setClient(mockedClient1);
token1.setExpiration(expirationDate1);
token1.setValue("eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE0MTI3ODk5NjgsInN1YiI6IjkwMzQyLkFTREZKV0ZBIiwiYXRfaGFzaCI6InptTmt1QmNRSmNYQktNaVpFODZqY0EiLCJhdWQiOlsiY2xpZW50Il0sImlzcyI6Imh0dHA6XC9cL2xvY2FsaG9zdDo4MDgwXC9vcGVuaWQtY29ubmVjdC1zZXJ2ZXItd2ViYXBwXC8iLCJpYXQiOjE0MTI3ODkzNjh9.xkEJ9IMXpH7qybWXomfq9WOOlpGYnrvGPgey9UQ4GLzbQx7JC0XgJK83PmrmBZosvFPCmota7FzI_BtwoZLgAZfFiH6w3WIlxuogoH-TxmYbxEpTHoTsszZppkq9mNgOlArV4jrR9y3TPo4MovsH71dDhS_ck-CvAlJunHlqhs0");
token1.setAuthenticationHolder(mockedAuthHolder1);
token1.setScope(ImmutableSet.of("id-token"));
token1.setTokenType("Bearer");
String expiration2 = "2015-01-07T18:31:50.079+0000";
Date expirationDate2 = DateUtil.utcToDate(expiration2);
ClientDetailsEntity mockedClient2 = mock(ClientDetailsEntity.class);
when(mockedClient2.getClientId()).thenReturn("mocked_client_2");
AuthenticationHolderEntity mockedAuthHolder2 = mock(AuthenticationHolderEntity.class);
when(mockedAuthHolder2.getId()).thenReturn(2L);
OAuth2RefreshTokenEntity mockRefreshToken2 = mock(OAuth2RefreshTokenEntity.class);
when(mockRefreshToken2.getId()).thenReturn(1L);
OAuth2AccessTokenEntity token2 = new OAuth2AccessTokenEntity();
token2.setId(2L);
token2.setClient(mockedClient2);
token2.setExpiration(expirationDate2);
token2.setValue("eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE0MTI3OTI5NjgsImF1ZCI6WyJjbGllbnQiXSwiaXNzIjoiaHR0cDpcL1wvbG9jYWxob3N0OjgwODBcL29wZW5pZC1jb25uZWN0LXNlcnZlci13ZWJhcHBcLyIsImp0aSI6IjBmZGE5ZmRiLTYyYzItNGIzZS05OTdiLWU0M2VhMDUwMzNiOSIsImlhdCI6MTQxMjc4OTM2OH0.xgaVpRLYE5MzbgXfE0tZt823tjAm6Oh3_kdR1P2I9jRLR6gnTlBQFlYi3Y_0pWNnZSerbAE8Tn6SJHZ9k-curVG0-ByKichV7CNvgsE5X_2wpEaUzejvKf8eZ-BammRY-ie6yxSkAarcUGMvGGOLbkFcz5CtrBpZhfd75J49BIQ");
token2.setAuthenticationHolder(mockedAuthHolder2);
token2.setIdToken(token1);
token2.setRefreshToken(mockRefreshToken2);
token2.setScope(ImmutableSet.of("openid", "offline_access", "email", "profile"));
token2.setTokenType("Bearer");
Set<OAuth2AccessTokenEntity> allAccessTokens = ImmutableSet.of(token1, token2);
Mockito.when(clientRepository.getAllClients()).thenReturn(new HashSet<ClientDetailsEntity>());
Mockito.when(approvedSiteRepository.getAll()).thenReturn(new HashSet<ApprovedSite>());
Mockito.when(wlSiteRepository.getAll()).thenReturn(new HashSet<WhitelistedSite>());
Mockito.when(blSiteRepository.getAll()).thenReturn(new HashSet<BlacklistedSite>());
Mockito.when(authHolderRepository.getAll()).thenReturn(new ArrayList<AuthenticationHolderEntity>());
Mockito.when(tokenRepository.getAllRefreshTokens()).thenReturn(new HashSet<OAuth2RefreshTokenEntity>());
Mockito.when(tokenRepository.getAllAccessTokens()).thenReturn(allAccessTokens);
Mockito.when(sysScopeRepository.getAll()).thenReturn(new HashSet<SystemScope>());
// do the data export
StringWriter stringWriter = new StringWriter();
JsonWriter writer = new JsonWriter(stringWriter);
writer.beginObject();
dataService.exportData(writer);
writer.endObject();
writer.close();
// parse the output as a JSON object for testing
JsonElement elem = new JsonParser().parse(stringWriter.toString());
JsonObject root = elem.getAsJsonObject();
// make sure the root is there
assertThat(root.has(MITREidDataService.MITREID_CONNECT_1_1), is(true));
JsonObject config = root.get(MITREidDataService.MITREID_CONNECT_1_1).getAsJsonObject();
// make sure all the root elements are there
assertThat(config.has(MITREidDataService.CLIENTS), is(true));
assertThat(config.has(MITREidDataService.GRANTS), is(true));
assertThat(config.has(MITREidDataService.WHITELISTEDSITES), is(true));
assertThat(config.has(MITREidDataService.BLACKLISTEDSITES), is(true));
assertThat(config.has(MITREidDataService.REFRESHTOKENS), is(true));
assertThat(config.has(MITREidDataService.ACCESSTOKENS), is(true));
assertThat(config.has(MITREidDataService.SYSTEMSCOPES), is(true));
assertThat(config.has(MITREidDataService.AUTHENTICATIONHOLDERS), is(true));
// make sure the root elements are all arrays
assertThat(config.get(MITREidDataService.CLIENTS).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.GRANTS).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.WHITELISTEDSITES).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.BLACKLISTEDSITES).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.REFRESHTOKENS).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.ACCESSTOKENS).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.SYSTEMSCOPES).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.AUTHENTICATIONHOLDERS).isJsonArray(), is(true));
// check our access token list (this test)
JsonArray accessTokens = config.get(MITREidDataService.ACCESSTOKENS).getAsJsonArray();
assertThat(accessTokens.size(), is(2));
// check for both of our access tokens in turn
Set<OAuth2AccessTokenEntity> checked = new HashSet<OAuth2AccessTokenEntity>();
for (JsonElement e : accessTokens) {
assertTrue(e.isJsonObject());
JsonObject token = e.getAsJsonObject();
OAuth2AccessTokenEntity compare = null;
if (token.get("id").getAsLong() == token1.getId().longValue()) {
compare = token1;
} else if (token.get("id").getAsLong() == token2.getId().longValue()) {
compare = token2;
}
if (compare == null) {
fail("Could not find matching id: " + token.get("id").getAsString());
} else {
assertThat(token.get("id").getAsLong(), equalTo(compare.getId()));
assertThat(token.get("clientId").getAsString(), equalTo(compare.getClient().getClientId()));
assertThat(token.get("expiration").getAsString(), equalTo(DateUtil.toUTCString(compare.getExpiration())));
assertThat(token.get("value").getAsString(), equalTo(compare.getValue()));
assertThat(token.get("type").getAsString(), equalTo(compare.getTokenType()));
assertThat(token.get("authenticationHolderId").getAsLong(), equalTo(compare.getAuthenticationHolder().getId()));
assertTrue(token.get("scope").isJsonArray());
assertThat(jsonArrayToStringSet(token.getAsJsonArray("scope")), equalTo(compare.getScope()));
if(token.get("idTokenId").isJsonNull()) {
assertNull(compare.getIdToken());
} else {
assertThat(token.get("idTokenId").getAsLong(), equalTo(compare.getIdToken().getId()));
}
if(token.get("refreshTokenId").isJsonNull()) {
assertNull(compare.getIdToken());
} else {
assertThat(token.get("refreshTokenId").getAsLong(), equalTo(compare.getRefreshToken().getId()));
}
checked.add(compare);
}
}
// make sure all of our access tokens were found
assertThat(checked.containsAll(allAccessTokens), is(true));
}
private class accessTokenIdComparator implements Comparator<OAuth2AccessTokenEntity> {
@Override
public int compare(OAuth2AccessTokenEntity entity1, OAuth2AccessTokenEntity entity2) {
@ -608,111 +357,6 @@ public class TestMITREidDataService_1_1 {
assertThat(savedAccessTokens.get(1).getValue(), equalTo(token2.getValue()));
}
@Test
public void testExportClients() throws IOException {
ClientDetailsEntity client1 = new ClientDetailsEntity();
client1.setId(1L);
client1.setAccessTokenValiditySeconds(3600);
client1.setClientId("client1");
client1.setClientSecret("clientsecret1");
client1.setRedirectUris(ImmutableSet.of("http://foo.com/"));
client1.setScope(ImmutableSet.of("foo", "bar", "baz", "dolphin"));
client1.setGrantTypes(ImmutableSet.of("implicit", "authorization_code", "urn:ietf:params:oauth:grant_type:redelegate", "refresh_token"));
client1.setAllowIntrospection(true);
ClientDetailsEntity client2 = new ClientDetailsEntity();
client2.setId(2L);
client2.setAccessTokenValiditySeconds(3600);
client2.setClientId("client2");
client2.setClientSecret("clientsecret2");
client2.setRedirectUris(ImmutableSet.of("http://bar.baz.com/"));
client2.setScope(ImmutableSet.of("foo", "dolphin", "electric-wombat"));
client2.setGrantTypes(ImmutableSet.of("client_credentials", "urn:ietf:params:oauth:grant_type:redelegate"));
client2.setAllowIntrospection(false);
Set<ClientDetailsEntity> allClients = ImmutableSet.of(client1, client2);
Mockito.when(clientRepository.getAllClients()).thenReturn(allClients);
Mockito.when(approvedSiteRepository.getAll()).thenReturn(new HashSet<ApprovedSite>());
Mockito.when(wlSiteRepository.getAll()).thenReturn(new HashSet<WhitelistedSite>());
Mockito.when(blSiteRepository.getAll()).thenReturn(new HashSet<BlacklistedSite>());
Mockito.when(authHolderRepository.getAll()).thenReturn(new ArrayList<AuthenticationHolderEntity>());
Mockito.when(tokenRepository.getAllAccessTokens()).thenReturn(new HashSet<OAuth2AccessTokenEntity>());
Mockito.when(tokenRepository.getAllRefreshTokens()).thenReturn(new HashSet<OAuth2RefreshTokenEntity>());
Mockito.when(sysScopeRepository.getAll()).thenReturn(new HashSet<SystemScope>());
// do the data export
StringWriter stringWriter = new StringWriter();
JsonWriter writer = new JsonWriter(stringWriter);
writer.beginObject();
dataService.exportData(writer);
writer.endObject();
writer.close();
// parse the output as a JSON object for testing
JsonElement elem = new JsonParser().parse(stringWriter.toString());
JsonObject root = elem.getAsJsonObject();
// make sure the root is there
assertThat(root.has(MITREidDataService.MITREID_CONNECT_1_1), is(true));
JsonObject config = root.get(MITREidDataService.MITREID_CONNECT_1_1).getAsJsonObject();
// make sure all the root elements are there
assertThat(config.has(MITREidDataService.CLIENTS), is(true));
assertThat(config.has(MITREidDataService.GRANTS), is(true));
assertThat(config.has(MITREidDataService.WHITELISTEDSITES), is(true));
assertThat(config.has(MITREidDataService.BLACKLISTEDSITES), is(true));
assertThat(config.has(MITREidDataService.REFRESHTOKENS), is(true));
assertThat(config.has(MITREidDataService.ACCESSTOKENS), is(true));
assertThat(config.has(MITREidDataService.SYSTEMSCOPES), is(true));
assertThat(config.has(MITREidDataService.AUTHENTICATIONHOLDERS), is(true));
// make sure the root elements are all arrays
assertThat(config.get(MITREidDataService.CLIENTS).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.GRANTS).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.WHITELISTEDSITES).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.BLACKLISTEDSITES).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.REFRESHTOKENS).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.ACCESSTOKENS).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.SYSTEMSCOPES).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.AUTHENTICATIONHOLDERS).isJsonArray(), is(true));
// check our client list (this test)
JsonArray clients = config.get(MITREidDataService.CLIENTS).getAsJsonArray();
assertThat(clients.size(), is(2));
// check for both of our clients in turn
Set<ClientDetailsEntity> checked = new HashSet<ClientDetailsEntity>();
for (JsonElement e : clients) {
assertThat(e.isJsonObject(), is(true));
JsonObject client = e.getAsJsonObject();
ClientDetailsEntity compare = null;
if (client.get("clientId").getAsString().equals(client1.getClientId())) {
compare = client1;
} else if (client.get("clientId").getAsString().equals(client2.getClientId())) {
compare = client2;
}
if (compare == null) {
fail("Could not find matching clientId: " + client.get("clientId").getAsString());
} else {
assertThat(client.get("clientId").getAsString(), equalTo(compare.getClientId()));
assertThat(client.get("secret").getAsString(), equalTo(compare.getClientSecret()));
assertThat(client.get("accessTokenValiditySeconds").getAsInt(), equalTo(compare.getAccessTokenValiditySeconds()));
assertThat(client.get("allowIntrospection").getAsBoolean(), equalTo(compare.isAllowIntrospection()));
assertThat(jsonArrayToStringSet(client.get("redirectUris").getAsJsonArray()), equalTo(compare.getRedirectUris()));
assertThat(jsonArrayToStringSet(client.get("scope").getAsJsonArray()), equalTo(compare.getScope()));
assertThat(jsonArrayToStringSet(client.get("grantTypes").getAsJsonArray()), equalTo(compare.getGrantTypes()));
checked.add(compare);
}
}
// make sure all of our clients were found
assertThat(checked.containsAll(allClients), is(true));
}
@Test
public void testImportClients() throws IOException {
ClientDetailsEntity client1 = new ClientDetailsEntity();
@ -787,99 +431,6 @@ public class TestMITREidDataService_1_1 {
assertThat(savedClients.get(1).isAllowIntrospection(), equalTo(client2.isAllowIntrospection()));
}
@Test
public void testExportBlacklistedSites() throws IOException {
BlacklistedSite site1 = new BlacklistedSite();
site1.setId(1L);
site1.setUri("http://foo.com");
BlacklistedSite site2 = new BlacklistedSite();
site2.setId(2L);
site2.setUri("http://bar.com");
BlacklistedSite site3 = new BlacklistedSite();
site3.setId(3L);
site3.setUri("http://baz.com");
Set<BlacklistedSite> allBlacklistedSites = ImmutableSet.of(site1, site2, site3);
Mockito.when(clientRepository.getAllClients()).thenReturn(new HashSet<ClientDetailsEntity>());
Mockito.when(approvedSiteRepository.getAll()).thenReturn(new HashSet<ApprovedSite>());
Mockito.when(wlSiteRepository.getAll()).thenReturn(new HashSet<WhitelistedSite>());
Mockito.when(blSiteRepository.getAll()).thenReturn(allBlacklistedSites);
Mockito.when(authHolderRepository.getAll()).thenReturn(new ArrayList<AuthenticationHolderEntity>());
Mockito.when(tokenRepository.getAllAccessTokens()).thenReturn(new HashSet<OAuth2AccessTokenEntity>());
Mockito.when(tokenRepository.getAllRefreshTokens()).thenReturn(new HashSet<OAuth2RefreshTokenEntity>());
Mockito.when(sysScopeRepository.getAll()).thenReturn(new HashSet<SystemScope>());
// do the data export
StringWriter stringWriter = new StringWriter();
JsonWriter writer = new JsonWriter(stringWriter);
writer.beginObject();
dataService.exportData(writer);
writer.endObject();
writer.close();
// parse the output as a JSON object for testing
JsonElement elem = new JsonParser().parse(stringWriter.toString());
JsonObject root = elem.getAsJsonObject();
// make sure the root is there
assertThat(root.has(MITREidDataService.MITREID_CONNECT_1_1), is(true));
JsonObject config = root.get(MITREidDataService.MITREID_CONNECT_1_1).getAsJsonObject();
// make sure all the root elements are there
assertThat(config.has(MITREidDataService.CLIENTS), is(true));
assertThat(config.has(MITREidDataService.GRANTS), is(true));
assertThat(config.has(MITREidDataService.WHITELISTEDSITES), is(true));
assertThat(config.has(MITREidDataService.BLACKLISTEDSITES), is(true));
assertThat(config.has(MITREidDataService.REFRESHTOKENS), is(true));
assertThat(config.has(MITREidDataService.ACCESSTOKENS), is(true));
assertThat(config.has(MITREidDataService.SYSTEMSCOPES), is(true));
assertThat(config.has(MITREidDataService.AUTHENTICATIONHOLDERS), is(true));
// make sure the root elements are all arrays
assertThat(config.get(MITREidDataService.CLIENTS).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.GRANTS).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.WHITELISTEDSITES).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.BLACKLISTEDSITES).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.REFRESHTOKENS).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.ACCESSTOKENS).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.SYSTEMSCOPES).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.AUTHENTICATIONHOLDERS).isJsonArray(), is(true));
// check our scope list (this test)
JsonArray sites = config.get(MITREidDataService.BLACKLISTEDSITES).getAsJsonArray();
assertThat(sites.size(), is(3));
// check for both of our sites in turn
Set<BlacklistedSite> checked = new HashSet<BlacklistedSite>();
for (JsonElement e : sites) {
assertThat(e.isJsonObject(), is(true));
JsonObject site = e.getAsJsonObject();
BlacklistedSite compare = null;
if (site.get("id").getAsLong() == site1.getId().longValue()) {
compare = site1;
} else if (site.get("id").getAsLong() == site2.getId().longValue()) {
compare = site2;
} else if (site.get("id").getAsLong() == site3.getId().longValue()) {
compare = site3;
}
if (compare == null) {
fail("Could not find matching blacklisted site id: " + site.get("id").getAsString());
} else {
assertThat(site.get("uri").getAsString(), equalTo(compare.getUri()));
checked.add(compare);
}
}
// make sure all of our clients were found
assertThat(checked.containsAll(allBlacklistedSites), is(true));
}
@Test
public void testImportBlacklistedSites() throws IOException {
BlacklistedSite site1 = new BlacklistedSite();
@ -928,99 +479,6 @@ public class TestMITREidDataService_1_1 {
assertThat(savedSites.get(2).getUri(), equalTo(site3.getUri()));
}
@Test
public void testExportWhitelistedSites() throws IOException {
WhitelistedSite site1 = new WhitelistedSite();
site1.setId(1L);
site1.setClientId("foo");
WhitelistedSite site2 = new WhitelistedSite();
site2.setId(2L);
site2.setClientId("bar");
WhitelistedSite site3 = new WhitelistedSite();
site3.setId(3L);
site3.setClientId("baz");
Set<WhitelistedSite> allWhitelistedSites = ImmutableSet.of(site1, site2, site3);
Mockito.when(clientRepository.getAllClients()).thenReturn(new HashSet<ClientDetailsEntity>());
Mockito.when(approvedSiteRepository.getAll()).thenReturn(new HashSet<ApprovedSite>());
Mockito.when(blSiteRepository.getAll()).thenReturn(new HashSet<BlacklistedSite>());
Mockito.when(wlSiteRepository.getAll()).thenReturn(allWhitelistedSites);
Mockito.when(authHolderRepository.getAll()).thenReturn(new ArrayList<AuthenticationHolderEntity>());
Mockito.when(tokenRepository.getAllAccessTokens()).thenReturn(new HashSet<OAuth2AccessTokenEntity>());
Mockito.when(tokenRepository.getAllRefreshTokens()).thenReturn(new HashSet<OAuth2RefreshTokenEntity>());
Mockito.when(sysScopeRepository.getAll()).thenReturn(new HashSet<SystemScope>());
// do the data export
StringWriter stringWriter = new StringWriter();
JsonWriter writer = new JsonWriter(stringWriter);
writer.beginObject();
dataService.exportData(writer);
writer.endObject();
writer.close();
// parse the output as a JSON object for testing
JsonElement elem = new JsonParser().parse(stringWriter.toString());
JsonObject root = elem.getAsJsonObject();
// make sure the root is there
assertThat(root.has(MITREidDataService.MITREID_CONNECT_1_1), is(true));
JsonObject config = root.get(MITREidDataService.MITREID_CONNECT_1_1).getAsJsonObject();
// make sure all the root elements are there
assertThat(config.has(MITREidDataService.CLIENTS), is(true));
assertThat(config.has(MITREidDataService.GRANTS), is(true));
assertThat(config.has(MITREidDataService.WHITELISTEDSITES), is(true));
assertThat(config.has(MITREidDataService.BLACKLISTEDSITES), is(true));
assertThat(config.has(MITREidDataService.REFRESHTOKENS), is(true));
assertThat(config.has(MITREidDataService.ACCESSTOKENS), is(true));
assertThat(config.has(MITREidDataService.SYSTEMSCOPES), is(true));
assertThat(config.has(MITREidDataService.AUTHENTICATIONHOLDERS), is(true));
// make sure the root elements are all arrays
assertThat(config.get(MITREidDataService.CLIENTS).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.GRANTS).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.WHITELISTEDSITES).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.BLACKLISTEDSITES).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.REFRESHTOKENS).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.ACCESSTOKENS).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.SYSTEMSCOPES).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.AUTHENTICATIONHOLDERS).isJsonArray(), is(true));
// check our scope list (this test)
JsonArray sites = config.get(MITREidDataService.WHITELISTEDSITES).getAsJsonArray();
assertThat(sites.size(), is(3));
// check for both of our sites in turn
Set<WhitelistedSite> checked = new HashSet<WhitelistedSite>();
for (JsonElement e : sites) {
assertThat(e.isJsonObject(), is(true));
JsonObject site = e.getAsJsonObject();
WhitelistedSite compare = null;
if (site.get("id").getAsLong() == site1.getId().longValue()) {
compare = site1;
} else if (site.get("id").getAsLong() == site2.getId().longValue()) {
compare = site2;
} else if (site.get("id").getAsLong() == site3.getId().longValue()) {
compare = site3;
}
if (compare == null) {
fail("Could not find matching whitelisted site id: " + site.get("id").getAsString());
} else {
assertThat(site.get("clientId").getAsString(), equalTo(compare.getClientId()));
checked.add(compare);
}
}
// make sure all of our clients were found
assertThat(checked.containsAll(allWhitelistedSites), is(true));
}
@Test
public void testImportWhitelistedSites() throws IOException {
WhitelistedSite site1 = new WhitelistedSite();
@ -1090,140 +548,6 @@ public class TestMITREidDataService_1_1 {
assertThat(savedSites.get(2).getClientId(), equalTo(site3.getClientId()));
}
@Test
public void testExportGrants() throws IOException {
Date creationDate1 = DateUtil.utcToDate("2014-09-10T22:49:44.090+0000");
Date accessDate1 = DateUtil.utcToDate("2014-09-10T23:49:44.090+0000");
WhitelistedSite mockWlSite1 = mock(WhitelistedSite.class);
when(mockWlSite1.getId()).thenReturn(1L);
OAuth2AccessTokenEntity mockToken1 = mock(OAuth2AccessTokenEntity.class);
when(mockToken1.getId()).thenReturn(1L);
ApprovedSite site1 = new ApprovedSite();
site1.setId(1L);
site1.setClientId("foo");
site1.setCreationDate(creationDate1);
site1.setAccessDate(accessDate1);
site1.setUserId("user1");
site1.setWhitelistedSite(mockWlSite1);
site1.setAllowedScopes(ImmutableSet.of("openid", "phone"));
site1.setApprovedAccessTokens(ImmutableSet.of(mockToken1));
Date creationDate2 = DateUtil.utcToDate("2014-09-11T18:49:44.090+0000");
Date accessDate2 = DateUtil.utcToDate("2014-09-11T20:49:44.090+0000");
Date timeoutDate2 = DateUtil.utcToDate("2014-10-01T20:49:44.090+0000");
ApprovedSite site2 = new ApprovedSite();
site2.setId(2L);
site2.setClientId("bar");
site2.setCreationDate(creationDate2);
site2.setAccessDate(accessDate2);
site2.setUserId("user2");
site2.setAllowedScopes(ImmutableSet.of("openid", "offline_access", "email", "profile"));
site2.setTimeoutDate(timeoutDate2);
Set<ApprovedSite> allApprovedSites = ImmutableSet.of(site1, site2);
Mockito.when(clientRepository.getAllClients()).thenReturn(new HashSet<ClientDetailsEntity>());
Mockito.when(approvedSiteRepository.getAll()).thenReturn(allApprovedSites);
Mockito.when(blSiteRepository.getAll()).thenReturn(new HashSet<BlacklistedSite>());
Mockito.when(wlSiteRepository.getAll()).thenReturn(new HashSet<WhitelistedSite>());
Mockito.when(authHolderRepository.getAll()).thenReturn(new ArrayList<AuthenticationHolderEntity>());
Mockito.when(tokenRepository.getAllAccessTokens()).thenReturn(new HashSet<OAuth2AccessTokenEntity>());
Mockito.when(tokenRepository.getAllRefreshTokens()).thenReturn(new HashSet<OAuth2RefreshTokenEntity>());
Mockito.when(sysScopeRepository.getAll()).thenReturn(new HashSet<SystemScope>());
// do the data export
StringWriter stringWriter = new StringWriter();
JsonWriter writer = new JsonWriter(stringWriter);
writer.beginObject();
dataService.exportData(writer);
writer.endObject();
writer.close();
// parse the output as a JSON object for testing
JsonElement elem = new JsonParser().parse(stringWriter.toString());
JsonObject root = elem.getAsJsonObject();
// make sure the root is there
assertThat(root.has(MITREidDataService.MITREID_CONNECT_1_1), is(true));
JsonObject config = root.get(MITREidDataService.MITREID_CONNECT_1_1).getAsJsonObject();
// make sure all the root elements are there
assertThat(config.has(MITREidDataService.CLIENTS), is(true));
assertThat(config.has(MITREidDataService.GRANTS), is(true));
assertThat(config.has(MITREidDataService.WHITELISTEDSITES), is(true));
assertThat(config.has(MITREidDataService.BLACKLISTEDSITES), is(true));
assertThat(config.has(MITREidDataService.REFRESHTOKENS), is(true));
assertThat(config.has(MITREidDataService.ACCESSTOKENS), is(true));
assertThat(config.has(MITREidDataService.SYSTEMSCOPES), is(true));
assertThat(config.has(MITREidDataService.AUTHENTICATIONHOLDERS), is(true));
// make sure the root elements are all arrays
assertThat(config.get(MITREidDataService.CLIENTS).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.GRANTS).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.WHITELISTEDSITES).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.BLACKLISTEDSITES).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.REFRESHTOKENS).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.ACCESSTOKENS).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.SYSTEMSCOPES).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.AUTHENTICATIONHOLDERS).isJsonArray(), is(true));
// check our scope list (this test)
JsonArray sites = config.get(MITREidDataService.GRANTS).getAsJsonArray();
assertThat(sites.size(), is(2));
// check for both of our sites in turn
Set<ApprovedSite> checked = new HashSet<ApprovedSite>();
for (JsonElement e : sites) {
assertThat(e.isJsonObject(), is(true));
JsonObject site = e.getAsJsonObject();
ApprovedSite compare = null;
if (site.get("id").getAsLong() == site1.getId().longValue()) {
compare = site1;
} else if (site.get("id").getAsLong() == site2.getId().longValue()) {
compare = site2;
}
if (compare == null) {
fail("Could not find matching whitelisted site id: " + site.get("id").getAsString());
} else {
assertThat(site.get("clientId").getAsString(), equalTo(compare.getClientId()));
assertThat(site.get("creationDate").getAsString(), equalTo(DateUtil.toUTCString(compare.getCreationDate())));
assertThat(site.get("accessDate").getAsString(), equalTo(DateUtil.toUTCString(compare.getAccessDate())));
if(site.get("timeoutDate").isJsonNull()) {
assertNull(compare.getTimeoutDate());
} else {
assertThat(site.get("timeoutDate").getAsString(), equalTo(DateUtil.toUTCString(compare.getTimeoutDate())));
}
assertThat(site.get("userId").getAsString(), equalTo(compare.getUserId()));
assertThat(jsonArrayToStringSet(site.getAsJsonArray("allowedScopes")), equalTo(compare.getAllowedScopes()));
if (site.get("whitelistedSiteId").isJsonNull()) {
assertNull(compare.getWhitelistedSite());
} else {
assertThat(site.get("whitelistedSiteId").getAsLong(), equalTo(compare.getWhitelistedSite().getId()));
}
if (site.get("approvedAccessTokens").isJsonNull() || site.getAsJsonArray("approvedAccessTokens") == null) {
assertTrue(compare.getApprovedAccessTokens() == null || compare.getApprovedAccessTokens().isEmpty());
} else {
assertNotNull(compare.getApprovedAccessTokens());
Set<String> tokenIds = new HashSet<String>();
for(OAuth2AccessTokenEntity entity : compare.getApprovedAccessTokens()) {
tokenIds.add(entity.getId().toString());
}
assertThat(jsonArrayToStringSet(site.getAsJsonArray("approvedAccessTokens")), equalTo(tokenIds));
}
checked.add(compare);
}
}
// make sure all of our clients were found
assertThat(checked.containsAll(allApprovedSites), is(true));
}
@Test
public void testImportGrants() throws IOException {
Date creationDate1 = DateUtil.utcToDate("2014-09-10T22:49:44.090+0000");
@ -1346,105 +670,6 @@ public class TestMITREidDataService_1_1 {
assertThat(savedSites.get(1).getApprovedAccessTokens().size(), equalTo(site2.getApprovedAccessTokens().size()));
}
@Test
public void testExportAuthenticationHolders() throws IOException {
OAuth2Request req1 = new OAuth2Request(new HashMap<String, String>(), "client1", new ArrayList<GrantedAuthority>(),
true, new HashSet<String>(), new HashSet<String>(), "http://foo.com",
new HashSet<String>(), null);
Authentication mockAuth1 = mock(Authentication.class, withSettings().serializable());
OAuth2Authentication auth1 = new OAuth2Authentication(req1, mockAuth1);
AuthenticationHolderEntity holder1 = new AuthenticationHolderEntity();
holder1.setId(1L);
holder1.setAuthentication(auth1);
OAuth2Request req2 = new OAuth2Request(new HashMap<String, String>(), "client2", new ArrayList<GrantedAuthority>(),
true, new HashSet<String>(), new HashSet<String>(), "http://bar.com",
new HashSet<String>(), null);
Authentication mockAuth2 = mock(Authentication.class, withSettings().serializable());
OAuth2Authentication auth2 = new OAuth2Authentication(req2, mockAuth2);
AuthenticationHolderEntity holder2 = new AuthenticationHolderEntity();
holder2.setId(2L);
holder2.setAuthentication(auth2);
List<AuthenticationHolderEntity> allAuthHolders = ImmutableList.of(holder1, holder2);
Mockito.when(clientRepository.getAllClients()).thenReturn(new HashSet<ClientDetailsEntity>());
Mockito.when(approvedSiteRepository.getAll()).thenReturn(new HashSet<ApprovedSite>());
Mockito.when(wlSiteRepository.getAll()).thenReturn(new HashSet<WhitelistedSite>());
Mockito.when(blSiteRepository.getAll()).thenReturn(new HashSet<BlacklistedSite>());
Mockito.when(authHolderRepository.getAll()).thenReturn(allAuthHolders);
Mockito.when(tokenRepository.getAllAccessTokens()).thenReturn(new HashSet<OAuth2AccessTokenEntity>());
Mockito.when(tokenRepository.getAllRefreshTokens()).thenReturn(new HashSet<OAuth2RefreshTokenEntity>());
Mockito.when(sysScopeRepository.getAll()).thenReturn(new HashSet<SystemScope>());
// do the data export
StringWriter stringWriter = new StringWriter();
JsonWriter writer = new JsonWriter(stringWriter);
writer.beginObject();
dataService.exportData(writer);
writer.endObject();
writer.close();
// parse the output as a JSON object for testing
JsonElement elem = new JsonParser().parse(stringWriter.toString());
JsonObject root = elem.getAsJsonObject();
// make sure the root is there
assertThat(root.has(MITREidDataService.MITREID_CONNECT_1_1), is(true));
JsonObject config = root.get(MITREidDataService.MITREID_CONNECT_1_1).getAsJsonObject();
// make sure all the root elements are there
assertThat(config.has(MITREidDataService.CLIENTS), is(true));
assertThat(config.has(MITREidDataService.GRANTS), is(true));
assertThat(config.has(MITREidDataService.WHITELISTEDSITES), is(true));
assertThat(config.has(MITREidDataService.BLACKLISTEDSITES), is(true));
assertThat(config.has(MITREidDataService.REFRESHTOKENS), is(true));
assertThat(config.has(MITREidDataService.ACCESSTOKENS), is(true));
assertThat(config.has(MITREidDataService.SYSTEMSCOPES), is(true));
assertThat(config.has(MITREidDataService.AUTHENTICATIONHOLDERS), is(true));
// make sure the root elements are all arrays
assertThat(config.get(MITREidDataService.CLIENTS).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.GRANTS).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.WHITELISTEDSITES).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.BLACKLISTEDSITES).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.REFRESHTOKENS).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.ACCESSTOKENS).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.SYSTEMSCOPES).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.AUTHENTICATIONHOLDERS).isJsonArray(), is(true));
// check our holder list (this test)
JsonArray holders = config.get(MITREidDataService.AUTHENTICATIONHOLDERS).getAsJsonArray();
assertThat(holders.size(), is(2));
// check for both of our clients in turn
Set<AuthenticationHolderEntity> checked = new HashSet<AuthenticationHolderEntity>();
for (JsonElement e : holders) {
assertThat(e.isJsonObject(), is(true));
JsonObject holder = e.getAsJsonObject();
AuthenticationHolderEntity compare = null;
if (holder.get("id").getAsLong() == holder1.getId()) {
compare = holder1;
} else if (holder.get("id").getAsLong() == holder2.getId()) {
compare = holder2;
}
if (compare == null) {
fail("Could not find matching authentication holder id: " + holder.get("id").getAsString());
} else {
assertTrue(holder.get("authentication").isJsonObject());
checked.add(compare);
}
}
// make sure all of our clients were found
assertThat(checked.containsAll(allAuthHolders), is(true));
}
@Test
public void testImportAuthenticationHolders() throws IOException {
OAuth2Request req1 = new OAuth2Request(new HashMap<String, String>(), "client1", new ArrayList<GrantedAuthority>(),
@ -1512,116 +737,6 @@ public class TestMITREidDataService_1_1 {
assertThat(savedAuthHolders.get(1).getAuthentication().getOAuth2Request().getClientId(), equalTo(holder2.getAuthentication().getOAuth2Request().getClientId()));
}
@Test
public void testExportSystemScopes() throws IOException {
SystemScope scope1 = new SystemScope();
scope1.setId(1L);
scope1.setValue("scope1");
scope1.setDescription("Scope 1");
scope1.setAllowDynReg(false);
scope1.setDefaultScope(false);
scope1.setIcon("glass");
SystemScope scope2 = new SystemScope();
scope2.setId(2L);
scope2.setValue("scope2");
scope2.setDescription("Scope 2");
scope2.setAllowDynReg(true);
scope2.setDefaultScope(false);
scope2.setIcon("ball");
SystemScope scope3 = new SystemScope();
scope3.setId(3L);
scope3.setValue("scope3");
scope3.setDescription("Scope 3");
scope3.setAllowDynReg(true);
scope3.setDefaultScope(true);
scope3.setIcon("road");
Set<SystemScope> allScopes = ImmutableSet.of(scope1, scope2, scope3);
Mockito.when(clientRepository.getAllClients()).thenReturn(new HashSet<ClientDetailsEntity>());
Mockito.when(approvedSiteRepository.getAll()).thenReturn(new HashSet<ApprovedSite>());
Mockito.when(wlSiteRepository.getAll()).thenReturn(new HashSet<WhitelistedSite>());
Mockito.when(blSiteRepository.getAll()).thenReturn(new HashSet<BlacklistedSite>());
Mockito.when(authHolderRepository.getAll()).thenReturn(new ArrayList<AuthenticationHolderEntity>());
Mockito.when(tokenRepository.getAllAccessTokens()).thenReturn(new HashSet<OAuth2AccessTokenEntity>());
Mockito.when(tokenRepository.getAllRefreshTokens()).thenReturn(new HashSet<OAuth2RefreshTokenEntity>());
Mockito.when(sysScopeRepository.getAll()).thenReturn(allScopes);
// do the data export
StringWriter stringWriter = new StringWriter();
JsonWriter writer = new JsonWriter(stringWriter);
writer.beginObject();
dataService.exportData(writer);
writer.endObject();
writer.close();
// parse the output as a JSON object for testing
JsonElement elem = new JsonParser().parse(stringWriter.toString());
JsonObject root = elem.getAsJsonObject();
// make sure the root is there
assertThat(root.has(MITREidDataService.MITREID_CONNECT_1_1), is(true));
JsonObject config = root.get(MITREidDataService.MITREID_CONNECT_1_1).getAsJsonObject();
// make sure all the root elements are there
assertThat(config.has(MITREidDataService.CLIENTS), is(true));
assertThat(config.has(MITREidDataService.GRANTS), is(true));
assertThat(config.has(MITREidDataService.WHITELISTEDSITES), is(true));
assertThat(config.has(MITREidDataService.BLACKLISTEDSITES), is(true));
assertThat(config.has(MITREidDataService.REFRESHTOKENS), is(true));
assertThat(config.has(MITREidDataService.ACCESSTOKENS), is(true));
assertThat(config.has(MITREidDataService.SYSTEMSCOPES), is(true));
assertThat(config.has(MITREidDataService.AUTHENTICATIONHOLDERS), is(true));
// make sure the root elements are all arrays
assertThat(config.get(MITREidDataService.CLIENTS).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.GRANTS).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.WHITELISTEDSITES).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.BLACKLISTEDSITES).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.REFRESHTOKENS).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.ACCESSTOKENS).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.SYSTEMSCOPES).isJsonArray(), is(true));
assertThat(config.get(MITREidDataService.AUTHENTICATIONHOLDERS).isJsonArray(), is(true));
// check our scope list (this test)
JsonArray scopes = config.get(MITREidDataService.SYSTEMSCOPES).getAsJsonArray();
assertThat(scopes.size(), is(3));
// check for both of our clients in turn
Set<SystemScope> checked = new HashSet<SystemScope>();
for (JsonElement e : scopes) {
assertThat(e.isJsonObject(), is(true));
JsonObject scope = e.getAsJsonObject();
SystemScope compare = null;
if (scope.get("value").getAsString().equals(scope1.getValue())) {
compare = scope1;
} else if (scope.get("value").getAsString().equals(scope2.getValue())) {
compare = scope2;
} else if (scope.get("value").getAsString().equals(scope3.getValue())) {
compare = scope3;
}
if (compare == null) {
fail("Could not find matching scope value: " + scope.get("value").getAsString());
} else {
assertThat(scope.get("value").getAsString(), equalTo(compare.getValue()));
assertThat(scope.get("description").getAsString(), equalTo(compare.getDescription()));
assertThat(scope.get("icon").getAsString(), equalTo(compare.getIcon()));
assertThat(scope.get("allowDynReg").getAsBoolean(), equalTo(compare.isAllowDynReg()));
assertThat(scope.get("defaultScope").getAsBoolean(), equalTo(compare.isDefaultScope()));
checked.add(compare);
}
}
// make sure all of our clients were found
assertThat(checked.containsAll(allScopes), is(true));
}
@Test
public void testImportSystemScopes() throws IOException {
SystemScope scope1 = new SystemScope();
@ -1835,4 +950,10 @@ public class TestMITREidDataService_1_1 {
return s;
}
@Test(expected = UnsupportedOperationException.class)
public void testExportDisabled() throws IOException {
JsonWriter writer = new JsonWriter(new StringWriter());
dataService.exportData(writer);
}
}

1838
openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestMITREidDataService_1_2.java Normal file
View File

File diff suppressed because it is too large Load Diff